Microsoft ASP .NET Framework Multiple Vulnerabilities
RISK: High Risk
TYPE: Servers - Internet App Servers
Collisions in HashTable May Cause DoS Vulnerability
A denial of service vulnerability exists in the way that ASP.NET Framework handles specially crafted requests, causing a hash collision. An attacker who successfully exploited this vulnerability could send a small number of specially crafted requests to an ASP.NET server, causing performance to degrade significantly enough to cause a denial of service condition.Insecure Redirect in .NET Form Authentication Vulnerability
A spoofing vulnerability exists in the way that .NET Framework verifies return URLs during the forms authentication process. An attacker who successfully exploited this vulnerability would be able to redirect a user to a website of the attacker's choosing without the user's knowledge. The attacker could then perform a phishing attack to gain information from the user they did not intend to disclose. This vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to further compromise user information intended to remain private.ASP.Net Forms Authentication Bypass Vulnerability
An elevation of privilege vulnerability exists in the way that .NET Framework authenticates users. In order to exploit this vulnerability, an unauthenticated attacker would need to be able to register an account on the ASP.NET application, and must know an existing account name for a targeted user. The attacker could then craft a special web request using a previously registered account name to gain access to that account. The attacker could then take any action in the context of the targeted user, including executing arbitrary commands on the site.ASP.NET Forms Authentication Ticket Caching Vulnerability
An elevation of privilege vulnerability exists in the way that ASP.NET Framework handles cached content when Forms Authentication is used with sliding expiry. An attacker who successfully exploited this vulnerability could take any action including executing arbitrary commands that the user could take on the site in the context of the target user. In an email attack scenario, an attacker could exploit the vulnerability by sending a specially crafted link to the user and convincing the user to click the link. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to take action, typically by clicking a link in an email message or in an Instant Messenger message.
Impact
- Denial of Service
- Security Restriction Bypass
- Spoofing
System / Technologies affected
- Microsoft ASP .NET Framework 1.x
- Microsoft ASP .NET Framework 2.x
- Microsoft ASP .NET Framework 3.x
- Microsoft ASP .NET Framework 4.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Download location for patches:
http://technet.microsoft.com/en-us/security/bulletin/MS11-100
Vulnerability Identifier
Source
Related Link
Share with